package com.qf.springboot.config;


import com.qf.springboot.realm.MyRealm;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.CookieRememberMeManager;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.servlet.SimpleCookie;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.SpringBootConfiguration;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.context.annotation.Bean;

import java.util.LinkedHashMap;
import java.util.Map;

/**
 * @Auther: xiaobobo
 * @Date: 2020/2/26 14:39
 * @Description:Shiro的整个配置文件
 */
@SpringBootConfiguration
public class ShiroConfig {

    private Logger logger= LoggerFactory.getLogger(ShiroConfig.class);

    //下面配置AOP对注解的支持(也就是shiro中注解的支持)
    @Bean
    public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(
            @Qualifier("securityManager") DefaultWebSecurityManager securityManager){
        AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor = new AuthorizationAttributeSourceAdvisor();
        authorizationAttributeSourceAdvisor.setSecurityManager(securityManager);
        return authorizationAttributeSourceAdvisor;
    }
    @Bean
    @ConditionalOnMissingBean
    public DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator(){
        DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator = new DefaultAdvisorAutoProxyCreator();
        defaultAdvisorAutoProxyCreator.setProxyTargetClass(true);
        return defaultAdvisorAutoProxyCreator;
    }
    //配置咋们的过滤器拦截请求
    @Bean
     public ShiroFilterFactoryBean shiroFilterFactoryBean(@Qualifier("securityManager")DefaultWebSecurityManager securityManager){
         ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
         logger.info("shiro的过滤器执行了.....");

         //配置如果认证没有通过的话 那么跳转的这个页面
         shiroFilterFactoryBean.setLoginUrl("/toLogin");


         Map<String,String> maps=new LinkedHashMap<>();
         //第一个参数是路劲  第二个参数是过滤器的名字
        /**
         * 常见的过滤器的名字以及含义
         * /**：当前以及目录和后面的所有子目录全部都匹配上
         *       127.0.0.1:8080/bobo     127.0.0.1:8080/bobo/xiaobobo
         * /* ：这个相当于只是匹配当前这一级的节点   127.0.0.1:8080/bobo
         *      127.0.0.1:8080/bobo/xiaobobo
         * authc：认证的过滤器
         * anon： 表示的是/toIndex这个请求 不认证就可以访问 （匿名访问）
         *        maps.put("/toIndex","anon");
         * logout：登陆过滤器
         *        maps.put("/logout","logout")
         * perms：权限控制的
         * roles:具有某一个角色才能访问
         *
         * 注意事项：  /** 这个配置一定是最后 一个
         *
         */
        //maps.put("/toIndex","anon");  //表示的是不需要认证就可以访问

        maps.put("/login","anon");  //访问请求的地址
        maps.put("/register","anon");  //访问请求的地址
        maps.put("/logout","logout");  //这个就是退出功能
        maps.put("/admin", "roles[admin]");
        maps.put("/edit", "perms[delete]");
        maps.put("/**","authc");   //所有的请求都必须在用户认证之后才能访问


         shiroFilterFactoryBean.setFilterChainDefinitionMap(maps);

         //设置这个安全管理器
        shiroFilterFactoryBean.setSecurityManager(securityManager);
         return shiroFilterFactoryBean;
     }


    //配置的是安全管理器
    @Bean
    public DefaultWebSecurityManager securityManager(@Qualifier("myRealm") MyRealm myRealm){
        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        //设置校验的realm对象
        logger.info("securityManager的过滤器执行了.....");
        securityManager.setRealm(myRealm);
        securityManager.setRememberMeManager(rememberMeManager());
        return securityManager;
    }



    //配置的是realm
    @Bean
    public MyRealm myRealm(){
        MyRealm myRealm = new MyRealm();
        logger.info("myRealm的过滤器执行了.....");
//        myRealm.setCredentialsMatcher(hashedCredentialsMatcher());
        return myRealm;
    }
    @Bean
    public CookieRememberMeManager rememberMeManager(){
        CookieRememberMeManager rememberMeManager = new CookieRememberMeManager();
        //设置咋们的Cookie
        rememberMeManager.setCookie(simpleCookie());
        return rememberMeManager;
    }

    /**
     * 自定义一个Cookie对象
     * @return
     */
    @Bean
    public SimpleCookie simpleCookie(){
        SimpleCookie simpleCookie = new SimpleCookie("rememebenrMe");
        simpleCookie.setMaxAge(2592000);
        return simpleCookie;
    }
    //配置密码散列的问题
//    @Bean
//    public HashedCredentialsMatcher hashedCredentialsMatcher(){
//        HashedCredentialsMatcher hashedCredentialsMatcher = new HashedCredentialsMatcher();
//        //这里就是设置散列的方法的地方
//        hashedCredentialsMatcher.setHashAlgorithmName("MD5");
//        //设置的是散列的次数
//        hashedCredentialsMatcher.setHashIterations(1);
//        return hashedCredentialsMatcher;
//    }

}
